Lucene search
WpvulndbWPVDB-ID:86A62010-8F0C-45A8-995A-7A41464B3FF3HistoryNov 12, 2021 - 12:00 a.m.
Contact Form 7 Database Addon < 1.2.6.1 - Arbitrary Form Deletion via CSRF
2021-11-1200:00:00
wpscan.com
14
0.001 Low
EPSS
Percentile
41.9%
The plugin does not have CSRF check when processing bulk actions, which could allow attackers to make logged in admin delete arbitrary forms for example
| CPE | Name | Operator | Version |
|---|---|---|---|
| contact-form-cfdb7 | lt | 1.2.6.1 |
Related
cve
cve
CVE-2021-36886
2021-12-22 19:15:11
patchstack
patchstack
openvas
openvas
nvd
nvd
CVE-2021-36886
2021-12-22 19:15:11
cnvd
cnvd
WordPress Cross-site Request Forgery Vulnerability (CNVD-2021-102389)
2021-12-24 00:00:00
prion
prion
Cross site request forgery (csrf)
2021-12-22 19:15:00
cvelist
cvelist